Collecting logs from Linux machines

These days, logs are everything: they hold the details of your machines' performance and problem behaviour. Since Linux is the de facto standard on servers around the world, we need to capture their log data in order to monitor availability and performance. EventLog Collector, on the other side, is a server used to gather and centralize logs from your machines (not only servers; you can also collect logs from desktops, POS terminals, etc.), and it has built-in alarm functionality.

Installing syslog server and forwarder

We will cover CentOS and Debian/Ubuntu; you can also install rsyslog on other Linux distributions and configure it accordingly.

CentOS:

yum install rsyslog -y

Ubuntu/Debian:

apt install rsyslog -y

After the installation, add the following line at the end of the /etc/rsyslog.conf file:

*.* @172.16.0.71:33514

where *.* means log all messages (every facility and priority), @ means the UDP protocol, 172.16.0.71 is the IP address of the EventLog Collector, and 33514 is the port the application is listening on.

For both CentOS and Debian/Ubuntu:

systemctl enable rsyslog

systemctl restart rsyslog
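The whole procedure above (install rsyslog, add the forwarding line, enable and restart the service) as one script. This is an added example, not a script from the original post or from NetVizura; the collector address 172.16.0.71:33514 comes from the post, while the function names, the COLLECTOR_* variables, the "apply" argument and the idempotency check are my own assumptions. It also goes slightly beyond the post by letting you choose rsyslog's @@ (TCP) form instead of the single-@ UDP form, and by validating the configuration with rsyslogd -N1 before restarting, so a typo never leaves the host without a working logger.

```shell
#!/bin/sh
# Added example (not from the original post): forward all syslog messages from a
# Linux host to an EventLog Collector with rsyslog.
# Collector host/port are the values from the post; everything else is assumed.
set -eu

COLLECTOR_HOST="${COLLECTOR_HOST:-172.16.0.71}"
COLLECTOR_PORT="${COLLECTOR_PORT:-33514}"
# "udp" produces the single-@ directive shown in the post; "tcp" produces
# rsyslog's @@ form, which delivers reliably instead of silently dropping
# messages when the network or collector is under load.
COLLECTOR_PROTO="${COLLECTOR_PROTO:-udp}"
RSYSLOG_CONF="${RSYSLOG_CONF:-/etc/rsyslog.conf}"

# Print the rsyslog forwarding directive for a protocol, host and port.
forward_line() {
    proto="$1"; host="$2"; port="$3"
    case "$proto" in
        udp) printf '*.* @%s:%s\n' "$host" "$port" ;;
        tcp) printf '*.* @@%s:%s\n' "$host" "$port" ;;
        *)   echo "forward_line: unsupported protocol '$proto'" >&2; return 1 ;;
    esac
}

# Append a line to a file exactly once, so re-running the script never adds a
# duplicate rule (two identical rules would make rsyslog send every message twice).
ensure_line() {
    file="$1"; line="$2"
    if grep -qxF -- "$line" "$file" 2>/dev/null; then
        return 0
    fi
    printf '%s\n' "$line" >> "$file"
}

# Install rsyslog with whichever package manager the host actually has.
install_rsyslog() {
    if command -v yum >/dev/null 2>&1; then
        yum install -y rsyslog
    elif command -v apt-get >/dev/null 2>&1; then
        apt-get install -y rsyslog
    else
        echo "install_rsyslog: no supported package manager found" >&2
        return 1
    fi
}

main() {
    install_rsyslog
    line=$(forward_line "$COLLECTOR_PROTO" "$COLLECTOR_HOST" "$COLLECTOR_PORT")
    ensure_line "$RSYSLOG_CONF" "$line"
    # Check the configuration parses before restarting the service.
    rsyslogd -N1
    systemctl enable rsyslog
    systemctl restart rsyslog
    # Send a test message; it should show up on the collector within seconds.
    logger -t forward-test "rsyslog forwarding configured to $COLLECTOR_HOST:$COLLECTOR_PORT"
}

# Run the procedure only when invoked as "sh forward-syslog.sh apply", so the
# file can also be sourced just for its functions.
case "${1:-}" in
    apply) main ;;
esac
```

Run it as root with `sh forward-syslog.sh apply`, or with `COLLECTOR_PROTO=tcp` in front to get the @@ form. Keep in mind that the single-@ directive from the post sends plain UDP: nothing is retransmitted if a datagram is lost, and the messages cross the network unencrypted, so the collector port should only be reachable from the hosts that are meant to forward to it.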

After finishing the steps above, syslog messages should start flowing to your EventLog Collector. As easy as pie!
